Vlad Leont : Security Vulnerabilities, CVEs, CVSS score >= 1
download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Max CVSS
5.0
EPSS Score
2.71%
Published
2007-01-31
Updated
2018-10-16
1 vulnerabilities found